Link of the Day #LotD
What's one of the most contentious, hardest pieces of corporate security? Updates! But also freaking passwords. No matter how (commonly) long your password policy, nothing is usually in the way of people just using "Companyname2018!" which falls to a dictionary attack immediately.
Password blacklisting for active directory:
(I haven't had time to evaluate the current solutions yet, but this is an awfully good layer conceptually.)
A Mastodon instance for info/cyber security-minded people.